Now I am developing codeigniter site.
I have one issue.
In order to read&open pdf into web browser.
header("Content-type:application/pdf");
header('Content-Type: application/vnd.ms-excel'); //mime type
header('Cache-Control: max-age=0'); //no cache
header("Content-Disposition:attachment;filename=\"".$file."\"");
readfile($filePath);
above code $file is filename and $filePath is pdf file path.
When it runs on local server, $filePath is value such as "http://localhost/.pdf" and it runs well.
But when runs on hosting server, this value is "http://.com/***.pdf"
And doesn't run.
We can not open with pdf format error.
file content didn't include readed.
I know that is cause of URL issue.
But I have no issue!
Your Content-Disposition should be inline if you want to display the file in the browser and not as a download but I guess it doesn't really matter if you can get it to work.
If your allow_url_fopen config in PHP is set to Off, you will not be able to read URL file from within your PHP script.
Anyway, your code should look something like this.
<?php
$file = "lesson2.pdf";
$filePath = "http://kmmc.in/wp-content/uploads/2014/01/lesson2.pdf";
header("Content-Type: application/pdf");
header("Cache-Control: max-age=0");
header("Content-Disposition: inline; filename=\"" . $file . "\"");
readfile($filePath);
Related
I am having issues with downloading a file in php. I've got a folder with files outside my server root (for security reasons, but I dont think this might by the problem), and I am trying to download a file using the script below,
where $_POST['path'] or $filename (after check) is the absolute path of my folder, like
/home/username/storage/filename.extension
and my server root path is /home/username/www
when I try to download a .txt file, everything seems to work fine - I can download it and open it.
However, when I downloaded an image or video file, none of the applications on my computer could open the file.
For .png it says that my file is not a PNG file, for .jpg it says it does not start with 0x0a 0x0a, etc.
Everytime I've tried to download something, the size of the file in the folder from which I downloaded it was equal to the size of the file that I downloaded. But there is something wrong with the format/contents of the file.
I checked the files in the directory from which I am downloading, there is no problem with them. The problem is only with the downloaded ones, so for some reason my script does not download them correctly.
Maybe my headers are not correct? Or maybe there might be a problem with files above some size (my txt files are smaller than images.., but even a 300M video was downloaded in a couple of seconds)? (However, there is no error in apache error log.) Or what am I doing wrong, please?
if(isset($_POST['path'])) {
//Read the filename
//+there are some checks on the path, to make sure user does not download a file which I dont want him to be able to download, but I dont think that is important, because the .txt file is downloaded normally
$filename = $_POST['path'];
//Check the file exists or not
if(file_exists($filename)) {
//Define header information
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header("Cache-Control: no-cache, must-revalidate");
header("Expires: 0");
header('Content-Disposition: attachment; filename="'.basename($filename).'"');
header('Content-Length: ' . filesize($filename));
header('Pragma: public');
//Clear system output buffer
flush();
//Read the size of the file
readfile($filename);
//Terminate from the script
die();
}
else{
echo "File does not exist.";
}
}
else
echo "Filename is not defined."
Seems that calling the ob_clean() method before readfile() was helpful :),
for more information, see https://www.php.net/manual/en/function.ob-clean.php
this works for me:
if(isset($_POST['path']))
{
//Read the filename
$filename = $_POST['path'];
//Check the file exists or not
if(file_exists($filename)) {
//Define header information
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header("Cache-Control: must-revalidate");
header('Content-Transfer-Encoding: binary');
header("Expires: 0");
header('Content-Disposition: attachment; filename="'.basename($filename).'"');
header('Content-Length: ' . filesize($filename));
header('Pragma: public');
ob_clean(); //<----- I had to add THIS LINE
//Clear system output buffer
flush();
//Read the size of the file
readfile($filename);
//Terminate from the script
die();
}
else{
echo "File does not exist.";
}
}
else
echo "Filename is not defined."
I have a CSV file on my server. If a user clicks on a link it should download, but instead it opens up in my browser window.
My code looks as follows
<a href="files/csv/example/example.csv">
Click here to download an example of the "CSV" file
</a>
It's a normal webserver where I have all of my development work on.
I tried something like:
<a href="files/csv/example/csv.php">
Click here to download an example of the "CSV" file
</a>
Now the contents of my csv.php file:
header('Content-Type: application/csv');
header('Content-Disposition: attachment; filename=example.csv');
header('Pragma: no-cache');
Now my issue is it's downloading, but not my CSV file. It creates a new file.
.htaccess Solution
To brute force all CSV files on your server to download, add in your .htaccess file:
AddType application/octet-stream csv
PHP Solution
header('Content-Type: application/csv');
header('Content-Disposition: attachment; filename=example.csv');
header('Pragma: no-cache');
readfile("/path/to/yourfile.csv");
Or you can do this using HTML5. Simply with
<a href="example.csv" download>download not open it</a>
This cannot be done reliably, since it's up to the browser to decide what to do with an URL it's been asked to retrieve.
You can suggest to the browser that it should offer to "save to disk" right away by sending a Content-disposition header:
header("Content-disposition: attachment");
I'm not sure how well this is supported by various browsers. The alternative is to send a Content-type of application/octet-stream, but that is a hack (you're basically telling the browser "I'm not telling you what kind of file this is" and depending on the fact that most browsers will then offer a download dialog) and allegedly causes problems with Internet Explorer.
Read more about this in the Web Authoring FAQ.
Edit You've already switched to a PHP file to deliver the data - which is necessary to set the Content-disposition header (unless there are some arcane Apache settings that can also do this). Now all that's left to do is for that PHP file to read the contents of the CSV file and print them - the filename=example.csv in the header only suggests to the client browser what name to use for the file, it does not actually fetch the data from the file on the server.
Here is a more browser-safe solution:
$fp = #fopen($yourfile, 'rb');
if (strstr($_SERVER['HTTP_USER_AGENT'], "MSIE"))
{
header('Content-Type: "application/octet-stream"');
header('Content-Disposition: attachment; filename="yourname.file"');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header("Content-Transfer-Encoding: binary");
header('Pragma: public');
header("Content-Length: ".filesize($yourfile));
}
else
{
header('Content-Type: "application/octet-stream"');
header('Content-Disposition: attachment; filename="yourname.file"');
header("Content-Transfer-Encoding: binary");
header('Expires: 0');
header('Pragma: no-cache');
header("Content-Length: ".filesize($yourfile));
}
fpassthru($fp);
fclose($fp);
Configure your server to send the file with the media type application/octet-stream.
This means that your browser can handle this file type.
If you don't like it, the easiest method would be offering ZIP files. Everyone can handle ZIP files, and they are downloadable by default.
Nice clean solution:
<?php
header('Content-Type: application/download');
header('Content-Disposition: attachment; filename="example.csv"');
header("Content-Length: " . filesize("example.csv"));
$fp = fopen("example.csv", "r");
fpassthru($fp);
fclose($fp);
?>
A previous answer on this page describes how to use .htaccess to force all files of a certain type to download. However, the solution does not work with all file types across all browsers. This is a more reliable way:
<FilesMatch "\.(?i:csv)$">
ForceType application/octet-stream
Header set Content-Disposition attachment
</FilesMatch>
You might need to flush your browser cache to see this working correctly.
If you are doing it with your application itself... I hope this code helps.
HTML
In href -- you have to add download_file.php along with your URL:
<a class="download" href="'/download_file.php?fileSource='+http://www.google.com/logo_small.png" target="_blank" title="YourTitle">
PHP
/* Here is the Download.php file to force download stuff */
<?php
$fullPath = $_GET['fileSource'];
if($fullPath) {
$fsize = filesize($fullPath);
$path_parts = pathinfo($fullPath);
$ext = strtolower($path_parts["extension"]);
switch ($ext) {
case "pdf":
header("Content-Disposition: attachment; filename=\"" . $path_parts["basename"]."\""); // Use 'attachment' to force a download
header("Content-type: application/pdf"); // Add here more headers for diff. extensions
break;
default;
header("Content-type: application/octet-stream");
header("Content-Disposition: filename=\"" . $path_parts["basename"]."\"");
}
if($fsize) { // Checking if file size exist
header("Content-length: $fsize");
}
readfile($fullPath);
exit;
}
?>
To force download you may use Content-Type: application/octet-stream header, which is supported by most browsers:
function downloadFile($filePath)
{
header("Content-type: application/octet-stream");
header('Content-Disposition: attachment; filename="' . basename($filePath) . '"');
header('Content-Length: ' . filesize($filePath));
readfile($filePath);
}
A BETTER WAY
Downloading files this way is not the best idea especially for large files. PHP will require extra CPU / Memory to read and output file contents and when dealing with large files may reach time / memory limits.
A better way would be to use PHP to authenticate and grant access to a file, and actual file serving should be delegated to a web server using X-SENDFILE method (requires some web server configuration):
X-SENDFILE is natively supported by Lighttpd: https://redmine.lighttpd.net/projects/1/wiki/X-LIGHTTPD-send-file
Apache requires mod_xsendfile module: https://tn123.org/mod_xsendfile/ On Ubuntu may be installed by: apt install libapache2-mod-xsendfile
Nginx has a similar X-Accel-Redirect header: https://www.nginx.com/resources/wiki/start/topics/examples/xsendfile/
After configuring web server to handle X-SENDFILE, just replace readfile($filePath) with header('X-SENDFILE: ' . $filePath) and web server will take care of file serving, which will require less resources than using PHP readfile.
(For Nginx use X-Accel-Redirect header instead of X-SENDFILE)
Note: If you end up downloading empty files, it means you didn't configure your web server to handle X-SENDFILE header. Check the links above to see how to correctly configure your web server.
I know there are a lot of mentions of this but I have tried all the suggestions and nothing seems to work.
I have this script to force download files, but when using docx formats it downloads ok but then says the file is corrupt. However word does manage to open it ok.
Does anyone know why the docx would keep saying there corrupt. I have double checked them by ftp them down from the server and they are fine and open first time.
$documentDir = '/home/';
$file = $_GET['d'];
$fileLocation = $documentDir.$file;
header('Content-type: application/octet-stream');
header('Content-Length: ' . filesize($fileLocation));
header('Content-disposition: attachment; filename="'.$file.'"');
readfile($fileLocation);
exit(0);
This script works for me.
Are you sure that all your documents are situated in /home/ ?
Don't you mean the relative path home/
If this still doesn't work, can you please tell what's the size of the downloaded docx, and open that file in a text editor like sublime_text, the error will probably be written in there.
You could try modifying disposition line and adding encoding line to ensure encoding is done correctly.
header ("Content-Disposition: attachment; filename*=UTF-8'en'$file");
header('Content-Transfer-Encoding: binary');
I have a PHP script that is currently working locally that I'd like to put on a server.
Currently, the user choose a .txt file, the PHP script works on it and outputs a new file based on what it read in the file.
The problem is that I can only select files in the folder with the script, and not elsewhere.
I use a to get the file name, but it only gives out the name of the file, and not it's absolute path.
From what I've read, I think that I need to upload the file to the server, process it with the script and then give it back to the user.
I'm not sure this is the correct method though.
Also, while I have found plenty of informations on uploading files to the server, I don't know how to put the new file created by the script in the folder where the original file is located.
You cannot read or write files directly on the client's machine. The client will need to upload the file by selecting it in the browser, the server receives the data, processes the data and returns data. This returned data can be presented in the form of a file download by setting the appropriate HTTP headers. The client will have to acknowledge the file download and save it somewhere of his choosing.
Your server has no business knowing anything about files or folders on the client's machine. It can only communicate with it over the HTTP protocol and send and receive data.
You will have to give the file back to the client, as a downloadable file. You can "write" it to the user by setting some headers. Take a look:
<?php
$file = 'random_text_file.txt';
if (file_exists($file)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename='.basename($file));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
ob_clean();
flush();
readfile($file);
exit;
}
?>
That will prompt a download of the file to the user.
I wrote a script on PHP running on Wamp Server, which forces a download of a .txt file. The script looks as follows:
header("Content-Type: application/octet-stream");
$newfile = "data.txt";
header("Content-Disposition: attachment; filename=" . urlencode($newfile));
header("Content-Type: application/force-download");
header("Content-Type: application/octet-stream");
header("Content-Type: application/download");
header("Content-Description: File Transfer");
header("Content-Length: " . filesize($newfile));
flush(); // this doesn't really matter.
$fp = fopen($newfile, "r");
while (!feof($fp))
{
echo fread($fp, 65536);
flush(); // this is essential for large downloads
}
fclose($fp);
This code is working well.
But the problem is, I've connected my Android device to PC, and able to download this file by using any other browsers, but NOT Android Default Web Browser.
Does anybody know why the download fails on the default browser? But can be downloaded from other on Android?
The Android browser is really picky about the HTTP headers for some reason.
This page will give you some insight about the matter: http://www.digiblog.de/2011/04/android-and-the-download-file-headers/
To quote part of the page, if you use this line of code, it probably won't work.
Content-Type: application/force-download
The page also gives you some possible solutions.